File permission seems to have changed by itself


Mar 26, 2014
cPanel Access Level
Root Administrator
Hi there, I've been using cPanel for a while, but only as a reseller. I have recently started using a VPS, and am trying to get my head around all the new cPanel admin capabilities.

I had an unusual problem this morning. All of a sudden, one of the PHP files of one of my websites started returning an "Internal Server Error 500". After much searching, I realised that the problem was related to the permission of this file, which was set to 664. All other files were set to 644. As soon as I changed the permissions back to 644, the file started working properly.

The mystery is that the file seemed to change permission all by itself. It was working perfectly, then the error started without any apparent intervention. I am the only person who has access to the files, and there is no other evidence of the site being hacked.

My question is this. Are there any automated security or precautionary systems in place within cPanel that might have changed the permissions of this file, in response to an attack?

It was an easy enough problem to fix, but I'd really like to try and find out why it happened in the first place.

Thanks for your help.


Staff member
Apr 11, 2011
Hello :)

Yes, it seems like an alternation made by the application itself. You could always "stat" the file to see more information about when it was last modified if it happens again. EX:

stat /path/to/
Thank you.